21 matches found
Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...
📄 Fortra FileCatalyst Workflow 5.1.6 Build 135 SQL Injection
Fortra FileCatalyst Workflow version 5.1.6 Build 135 remote SQL injection proof of concept exploit. ============================================================================================================================================= | Title : Fortra FileCatalyst Workflow v5.1.6 Build 135...
Fortra FileCatalyst 5.1.6 < 5.2.0 build 130 Unrestricted File Upload (fi-2025-010)
The version of Fortra FileCatalyst Workflow running on the remote host is 5.1.6 prior to 5.2.0 build 130. It is, therefore, is affected by a unrestricted file upload vulnerability as referenced in fi-2025-010 advisory. - Improper Access Control issue in the Workflow component of Fortra's...
CVE-2025-8450
Improper Access Control issue in the Workflow component of Fortra's FileCatalyst allows unauthenticated users to upload arbitrary files via the order forms page...
Fortra FileCatalyst Workflow 安全漏洞
Fortra FileCatalyst Workflow is a file transfer management component from US-based Fortra. A security vulnerability exists in Fortra FileCatalyst Workflow that stems from improper access control and could allow an unauthenticated user to upload arbitrary files...
Fortra FileCatalyst Workflow 5.1.6 Build 135 SQL Injection
Fortra FileCatalyst Workflow version 5.1.6 build 135 remote SQL injection exploit. ============================================================================================================================================= | Title : Fortra FileCatalyst Workflow v5.1.6 Build 135 PHP Code Injecti...
CVE-2024-5276
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...
Fortra FileCatalyst Workflow Directory Traversal (CVE-2024-25153) (Version Check)
The version of Fortra FileCatalyst Workflow running on the remote host is prior to 5.1.6 Build 114. It is, therefore, is affected by a Directory Traversal vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
Fortra FileCatalyst Direct Directory Traversal (CVE-2024-25154) (Version Check)
The version of Fortra FileCatalyst Direct running on the remote host is prior to 3.8.9. It is, therefore, is affected by a number of vulnerabilities - Improper URL validation allows path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to retu...
Fortra FileCatalyst Workflow SQL Injection
require 'digest/md5' class MetasploitModule 'Fortra FileCatalyst Workflow SQL Injection CVE-2024-5276', 'Description' = %q This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow 'Tenable', Discovery and PoC 'Michael Heinzl' MSF Module , 'References' = 'CVE', '2024-5276...
Fortra FileCatalyst Workflow HSQLDB Static Password (CVE-2024-6633)
Binary data fortrafilecatalystworkflowcve-2024-6633.nbin...
Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)
This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow use auxiliary/admin/http/fortrafilecatalystworkflowsqli msf auxiliaryfortrafilecatalystworkflowsqli show actions ...actions... msf auxiliaryfortrafilecatalystworkflowsqli set ACTION msf...
A week in security (June 24 – June 30)
Last week on Malwarebytes Labs: TEMU sued for being "dangerous malware" by Arkansas Attorney General Driving licences and other official documents leaked by authentication service used by Uber, TikTok, X, and more "Poseidon" Mac stealer distributed via Google ads Federal Reserve "breached" data m...
Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application
A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of 9.8. It impacts FileCatalyst Workflow versions 5.1.6 Build 135...
Fortra FileCatalyst Workflow SQLi (CVE-2024-5276) (Version Check)
The version of Fortra FileCatalyst Workflow running on the remote host is prior to 5.1.6 Build 139. It is, therefore, is affected by a SQL injection vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
CVE-2024-5276
The CVE-2024-5276 entry describes a SQL Injection vulnerability in Fortra FileCatalyst Workflow that affects all versions up to 5.1.6 Build 135 (and earlier). The underlying issue allows an attacker to modify application data, including potentially creating administrative users and deleting/modif...
Fortra FileCatalyst Security Vulnerability
Fortra FileCatalyst is a file transfer acceleration solution from Fortra, Inc. designed to accelerate and optimize file transfers across global networks. A security vulnerability exists in Fortra FileCatalyst Workflow 5.1.6 Build 135 and prior versions, which stems from the presence of a SQL...
PT-2024-4324 · Fortra · Filecatalyst Workflow
Name of the Vulnerable Software and Affected Versions: Fortra FileCatalyst Workflow versions 5.1.6 Build 135 and earlier Description: The issue is related to a SQL injection vulnerability that allows an attacker to modify application data. This can likely result in the creation of administrative...
Fortra FileCatalyst Workflow Path Traversal (CVE-2024-25153)
Binary data fortrafilecatalystworkflowcve-2024-25153.nbin...
Fortra FileCatalyst Direct Server Installed (Windows)
Binary data fortrafilecatalystdirectserverwininstalled.nbin...